Created
October 29, 2024 16:32
-
-
Save thomaswitt/c57b6ba1dfbcdc670321c83b7c7ae6cf to your computer and use it in GitHub Desktop.
Convert an AWS secret access key to an SES SMTP password using Ruby (https://docs.aws.amazon.com/ses/latest/dg/smtp-credentials.html)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/ruby | |
| require 'openssl' | |
| require 'base64' | |
| # Define a method to calculate HMAC SHA-256 | |
| def hmac_sha256(key, data) | |
| OpenSSL::HMAC.digest('sha256', key, data) | |
| end | |
| # Define a method to generate the SMTP password | |
| def generate_smtp_password(key, region) | |
| # Fixed values | |
| date = '11111111' | |
| service = 'ses' | |
| terminal = 'aws4_request' | |
| message = 'SendRawEmail' | |
| version = 0x04 | |
| # Perform the HMAC SHA-256 operations | |
| k_date = hmac_sha256('AWS4' + key, date) | |
| k_region = hmac_sha256(k_date, region) | |
| k_service = hmac_sha256(k_region, service) | |
| k_terminal = hmac_sha256(k_service, terminal) | |
| k_message = hmac_sha256(k_terminal, message) | |
| # Concatenate the version and the k_message | |
| signature_and_version = [version].pack('C') + k_message | |
| # Encode the result in Base64 to get the SMTP password | |
| Base64.strict_encode64(signature_and_version) | |
| end | |
| # Accept key and region as command-line arguments | |
| if ARGV.length != 2 | |
| puts 'Usage: ruby script.rb <AWS_SECRET_ACCESS_KEY> <AWS_REGION>' | |
| exit | |
| end | |
| key = ARGV[0] | |
| region = ARGV[1] | |
| smtp_password = generate_smtp_password(key, region) | |
| puts "SMTP Password: #{smtp_password}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment